Revision as of 15:49, 18 July 2006

This page is a collection of links (most from my Dinis' owasp.net blog) which releate to .Net

Clr stuff

Very, Very interesting interview by Anders Hejlsberg (the lead C# architect) with Bruce Eckel and Bill Venners (There are 8 parts and this CLR Design Choices links to the 8th (which contains links to all of them))

How to Migrate to clrpure and Pure and Verifiable Code This last one contains this note: “There is one coding scenario that will pass the compiler but that will result in an unverifiable assembly: calling a virtual function through an object instance using the scope resolution operator. For example: MyObj -> A::VirtualFunction();.”

“To allow the application to
obtain the permissions it needs without administrator intervention
on the client machine, ClickOnce can prompt the user at
installation time to ask them to grant the application the elevated
permissions. Once permission is granted, the user will not be
prompted again on subsequent runs. Although this capability
circumvents some of the security protections provided by the CLR by
allowing a user to elevate security permissions for that
application, you can prevent the user from being allowed to do this
through security policy in an enterprise environment.”